<?php

/**
 * @author Martin Pernica
 * @copyright 2008
 */
if (User::isLogged()) {
    Text::h2(Lang::getFront('com_user', 'notlogged'));
} else {

    if (!empty($_POST['display_name']) && !empty($_POST['email'])) {
        $max_width = 100;
        $max_height = 100;
        if (!empty($_POST['new_pass'])) {
            $hash = new Hash($user['username'], $_POST['new_pass']);
            $hash->hash();
            $password = $hash->password;
        } else {
            $password = $_POST['password'];
        }

        if (!empty($_FILES['new_avatar']['name'])) {
            if ($_FILES['new_avatar']['type'] == "image/jpeg" || $_FILES['new_avatar']['type'] ==
                "image/pjpeg" || $_FILES['new_avatar']['type'] == "image/png" || $_FILES['new_avatar']['type'] ==
                "image/gif") {
                list($width, $height) = getimagesize($_FILES['new_avatar']['tmp_name']);
                if ($width <= $max_width && $height <= $max_height) {
                    $folder = "avatars";
                    $result = './components/com_user/' . $folder . "/" . $_SESSION['id'] . '-' . $_FILES['new_avatar']['name'];
                    $file = $_FILES['new_avatar']['tmp_name'];
                    if ($_POST['avatar'] != 'default.png') {
                        unlink('./components/com_user/' . $folder . "/" . $_POST['avatar']);
                    }
                    $copy = move_uploaded_file($file, $result);
                    chmod($result, 0777);
                    $avatar = $_SESSION['id'] . '-' . $_FILES['new_avatar']['name'];

                    if ($copy === false) {
                        Text::p( Lang::getFront('com_user', 'edit_avatar_error') );
                        $avatar = $_POST['avatar'];
                    }
                } else {
                    Text::p( Lang::getFront('com_user', 'edit_avatar_res', array($max_width, $max_height)) );
                    $avatar = $_POST['avatar'];
                }
            } else {
                Text::p( Lang::getFront('com_user', 'edit_avatar_mime') );
                $avatar = $_POST['avatar'];
            }
        } else {
            $avatar = $_POST['avatar'];
        }

        $display_email = (intval($_POST['display_email']) == 0) ? '0' : '1"';
        $display_name = htmlspecialchars($db->real_escape_string($_POST['display_name']), ENT_QUOTES, 'UTF-8');
        $email = htmlspecialchars($db->real_escape_string($_POST['email']), ENT_QUOTES, 'UTF-8');
        $website = htmlspecialchars($db->real_escape_string($_POST['website']), ENT_QUOTES, 'UTF-8');
        $birthday = intval($_POST['year']) . '-' . intval($_POST['month']) . '-' .
            intval($_POST['day']);
        $gender = $db->real_escape_string($_POST['gender']);
        $real_name = htmlspecialchars($db->real_escape_string($_POST['real_name']), ENT_QUOTES, 'UTF-8');
        $display_contact = (intval($_POST['display_contact']) == 0) ? '0' : '1';

        $check_dname = $db->query("SELECT id FROM {prefix}users WHERE display_name = '" .
            $display_name . "'");
        $data_dname = $check_dname->fetch_array();
        if ($check_dname->num_rows != 0) {
            if (User::getUid() != $data_dname['id']) {
                Text::p( Lang::getFront('com_user', 'edit_username_used') );
                $sql_add_dname = "";
            } else {
                $sql_add_dname = "display_name = '" . $display_name . "',";
            }
        } else {
            $sql_add_dname = "display_name = '" . $display_name . "',";
        }

        $query = $db->query("UPDATE {prefix}users SET password = '" . $password .
            "'," . $sql_add_dname . " email = '" . $email . "', birthday = '" . $birthday .
            "', gender = '" . $gender . "', real_name = '" . $real_name . "', website = '" .
            $website . "', display_email = '" . $display_email . "', display_contact = '" .
            $display_contact . "', avatar = '" . $avatar . "' WHERE id = '" . User::getUid() .
            "'");

        $fquery = "";
        $field_count = 0;
        foreach ($_POST as $key => $val) {
            $tmp = explode("_", $key);
            if ($tmp[0] == "field") {
                $field_count++;
                $fquery .= " " . $key . " = '" . $val . "',";
            }

        }

        $test_query = $db->query("SELECT id FROM {prefix}fields_data WHERE id = '" . User::getUid() .
            "''");
        if ($test_query->num_rows == 0) {
            $db->query("INSERT INTO {prefix}fields_data(uid) VALUES('" . User::getUid() .
                "')");
        }

        if ($field_count != 0) {
            $query = $db->query("UPDATE {prefix}fields_data SET " . trim($fquery, ",") .
                " WHERE uid = '" . $_SESSION['id'] . "'");
        }

        Text::h2( Lang::getFront('com_user', 'edit_success') );
        Text::br();
    }
    
    $query = $db->query("SELECT * FROM {prefix}users WHERE id = '" . User::getUid() . "' LIMIT 1");
    $user = $query->fetch_array();
    unset($query);

    $query = $db->query("SELECT * FROM {prefix}fields_data WHERE uid = '" . User::getUid() .
        "'");
    $fields_data = $query->fetch_array();
    unset($query);
    
    //TODO: Create edit form using Form class

    echo '<form action="' . $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'] .
        '" method="POST" enctype="multipart/form-data" ><table>';
    $display_email = ($user['display_email'] == 0) ? '' : 'checked="checked"';
    $display_contact = ($user['display_contact'] == 0) ? '' : 'checked="checked"';
    echo '
<tr><td>'.Lang::getFront('com_user', 'username').' : </td><td><input type="text" name="username" size="25" value="' .
        $user['username'] . '" disabled="disable" /></td></tr>

<tr><td>'.Lang::getFront('com_user', 'display_name').' : </td><td><input type="text" name="display_name" size="30" value="' .
        $user['display_name'] . '" /></td></tr>
<tr><td>'.Lang::getFront('com_user', 'new_pass').' : </td><td><input type="password" name="new_pass" size="30" /></td></tr>
<tr><td>'.Lang::getFront('com_user', 'email').' : </td><td><input type="text" name="email" size="30" value="' . $user['email'] .
        '" /></td></tr>

<tr><td>'.Lang::getFront('com_user', 'display_email').' : </td><td><input type="checkbox" ' . $display_email .
        ' name="display_email" value="1"></td></tr>
<tr><td>'.Lang::getFront('com_user', 'display_form').' : </td><td><input type="checkbox" ' . $display_contact .
        ' name="display_contact" value="1">

<tr><td>'.Lang::getFront('com_user', 'avatar_change').' : </td><td><input type="file" name="new_avatar"></td>

<tr><td>'.Lang::getFront('com_user', 'gender').' : </td><td>
<select name="gender" size="1">';

    if ($user['gender'] == 'male') {
        echo '<option value="male" selected="selected">'.Lang::getFrontGlobal('male').'</option>';
    } else {
        echo '<option value="male">'.Lang::getFrontGlobal('male').'</option>';
    }
    if ($user['gender'] == 'female') {
        echo '<option value="female" selected="selected">'.Lang::getFrontGlobal('female').'</option>';
    } else {
        echo '<option value="female">'.Lang::getFrontGlobal('female').'</option>';
    }

    echo '
</select>
</td></tr>
<tr><td>'.Lang::getFront('com_user', 'birthday').' : </td><td>
<select name="day" size="1">';
    $birthday = explode("-", $user['birthday']);
    for ($i = 1; $i <= 31; $i++) {
        $selected = ($birthday[2] == $i) ? 'selected="selected"' : '';
        echo '<option value="' . $i . '" ' . $selected . '>' . $i . '</option>';
    }
    echo '
</select>
<select name="month" size="1">';
    for ($i = 1; $i <= 12; $i++) {
        $selected = ($birthday[1] == $i) ? 'selected="selected"' : '';
        echo '<option value="' . $i . '" ' . $selected . '>' . $i . '</option>';
    }
    echo '
</select>
<select name="year" size="1">';
    for ($i = 1910; $i <= (date("Y") - 5); $i++) {
        $selected = ($birthday[0] == $i) ? 'selected="selected"' : '';
        echo '<option value="' . $i . '" ' . $selected . '>' . $i . '</option>';
    }
    echo '
</select>
</td></tr>
<tr><td>'.Lang::getFront('com_user', 'fullname').' : </td><td><input type="text" name="real_name" size="30" value="' .
        $user['real_name'] . '" /></td></tr>
<tr><td>'.Lang::getFront('com_user', 'website').' : </td><td><input type="text" name="website" size="30" value="' . $user['website'] .
        '" /></td></tr>
</table>';

    $cats = $db->query("SELECT id, title FROM {prefix}fields_cats");
    while ($d = $cats->fetch_array()) {

        echo "\n<h2>" . $d['title'] . "</h2>";
        echo "\n<table>";

        $fields = $db->query("SELECT * FROM {prefix}fields WHERE catid = '" . $d['id'] .
            "'");
        while ($field = $fields->fetch_array()) {

            switch ($field['type']) {
                case 1:
                    $input = "<input type=\"text\" name=\"" . $field['sql_name'] . "\" value = \"" .
                        $fields_data[$field['sql_name']] . "\" />";
                    break;
            }

            echo "\n<tr><td>" . $field['desc'] . " : </td><td>" . $input . "</td></tr>";
        }

        echo "\n</table>";
    }


    echo '<input type="hidden" name="password" value="' . $user['password'] . '" />
<input type="hidden" name="avatar" value="' . $user['avatar'] . '" />
<input type="submit" value="' . Lang::getFrontGlobal('submit') . '" style="float: right;" />
</form>
';
}
?>